CISCO 4 Final Review

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Mister_kupido09
M
Mister_kupido09
Community Contributor
Quizzes Created: 7 | Total Attempts: 1,152
Questions: 52 | Attempts: 230

SettingsSettingsSettings
CISCO 4 Final Review - Quiz

Questions and Answers
  • 1. 

    Refer to the exhibit. Communication between two peers has failed. Based on the output that is shown, what is the most likely cause?

    • A.

      Interface reset

    • B.

      Unplugged cable

    • C.

      Improper LMI type

    • D.

      PPP negotiation failure

    Correct Answer
    D. PPP negotiation failure
    Explanation
    Based on the given exhibit, the most likely cause for the communication failure is PPP negotiation failure. This can be inferred from the output shown, which indicates that the LCP (Link Control Protocol) negotiation has failed. LCP is responsible for establishing and configuring the PPP link between two peers, so a failure in this negotiation process would result in communication issues. The other options, such as interface reset, unplugged cable, or improper LMI type, are not supported by the given information.

    Rate this question:

  • 2. 

    Refer to the exhibit. A network administrator is tasked with completing the Frame Relay topology that interconnects two remote sites. How should the point-to-point subinterfaces be configured on HQ to complete the topology?

    • A.

      Frame-relay interface-dlci 103 on Serial 0/0/0.1 frame-relay interface-dlci 203 on Serial 0/0/0.2

    • B.

      Frame-relay interface-dlci 301 on Serial 0/0/0.1 frame-relay interface-dlci 302 on Serial 0/0/0.2

    • C.

      Frame-relay map ip 192.168.1.1 103 broadcast on Serial 0/0/0.1 frame-relay map ip 192.168.2.2 203 broadcast on Serial 0/0/0.2

    • D.

      Frame-relay map ip 192.168.1.1 301 broadcast on Serial 0/0/0.1 frame-relay map ip 192.168.2.2 302 broadcast on Serial 0/0/0.2

    Correct Answer
    D. Frame-relay map ip 192.168.1.1 301 broadcast on Serial 0/0/0.1 frame-relay map ip 192.168.2.2 302 broadcast on Serial 0/0/0.2
    Explanation
    The point-to-point subinterfaces on HQ should be configured with the frame-relay map commands to map the IP addresses of the remote sites to the correct DLCIs on the corresponding serial interfaces. In this case, the IP address 192.168.1.1 should be mapped to DLCI 301 on Serial 0/0/0.1, and the IP address 192.168.2.2 should be mapped to DLCI 302 on Serial 0/0/0.2. This configuration ensures that the correct IP packets are encapsulated and sent over the correct DLCIs to the remote sites.

    Rate this question:

  • 3. 

    Which data link layer encapsulation protocol is used by default for serial connections between two Cisco routers?

    • A.

      ATM

    • B.

      Frame Relay

    • C.

      HDLC

    • D.

      PPP

    • E.

      SDLC

    Correct Answer
    C. HDLC
    Explanation
    HDLC (High-Level Data Link Control) is the default data link layer encapsulation protocol used for serial connections between two Cisco routers. HDLC provides a simple and efficient way to encapsulate data and control information for transmission over serial links. It is a bit-oriented protocol that ensures reliable and error-free communication between devices. HDLC is widely supported by Cisco routers and is the default encapsulation used unless otherwise specified.

    Rate this question:

  • 4. 

    Refer to the exhibit. Company ABC expanded its business and recently opened a new branch office in another country. IPv6 addresses have been used for the company network. The data servers Server1 and Server2 run applications which require end-to-end functionality, with unmodified packets that are forwarded from the source to the destination. The edge routers R1 and R2 support dual stack configuration. What solution should be deployed at the edge of the company network in order to successfully interconnect both offices?

    • A.

      A new WAN service supporting only IPv6

    • B.

      NAT overload to map inside IPv6 addresses to outside IPv4 address

    • C.

      A manually configured IPv6 tunnel between the edge routers R1 and R2

    • D.

      Static NAT to map inside IPv6 addresses of the servers to an outside IPv4 address and dynamic NAT for the rest of the inside IPv6 addresses

    Correct Answer
    C. A manually configured IPv6 tunnel between the edge routers R1 and R2
    Explanation
    In order to successfully interconnect both offices and ensure end-to-end functionality with unmodified packets, a manually configured IPv6 tunnel between the edge routers R1 and R2 should be deployed. This will allow for the transmission of IPv6 packets between the two offices over an IPv4 network. This solution ensures that the packets are not modified and can be successfully forwarded from the source to the destination.

    Rate this question:

  • 5. 

    Which variable is permitted or denied by a standard access control list?

    • A.

      Protocol type

    • B.

      Source IP address

    • C.

      Source MAC address

    • D.

      Destination IP address

    • E.

      Destination MAC address

    Correct Answer
    B. Source IP address
    Explanation
    A standard access control list permits or denies access based on the source IP address. This means that it can be used to control which devices or networks are allowed to send traffic to a particular destination based on their IP address. The source IP address is an important factor in determining the origin of network traffic, and by controlling access based on this variable, network administrators can enforce security policies and restrict access to certain resources.

    Rate this question:

  • 6. 

    Refer to the exhibit. The link between the CTRL and BR_1 routers is configured as shown in the exhibit. Why are the routers unable to establish a PPP session?

    • A.

      The clock rate must be 56000

    • B.

      The usernames are misconfigured

    • C.

      The IP addresses are on different subnets

    • D.

      The clock rate is configured on the wrong end of the link

    • E.

      The CHAP passwords must be different on the two routers

    • F.

      Interface serial 0/0/0 on CTRL must connect to interface serial 0/0/1 on BR_1.

    Correct Answer
    B. The usernames are misconfigured
    Explanation
    The routers are unable to establish a PPP session because the usernames are misconfigured. This means that the usernames entered on both routers do not match, causing authentication failure and preventing the establishment of the PPP session.

    Rate this question:

  • 7. 

    Which three statements accurately describe a security policy? (Choose three.)

    • A.

      It creates a basis for legal action if necessary

    • B.

      It defines a process for managing security violations

    • C.

      It defines acceptable and unacceptable use of network resources

    • D.

      The remote access policy is a component of the security policy that governs acceptable use of e-mail systems.

    • E.

      It is kept private from users to prevent the possibility of circumventing security measures.

    • F.

      It provides step-by-step procedures to harden routers and other network devices.

    Correct Answer(s)
    A. It creates a basis for legal action if necessary
    B. It defines a process for managing security violations
    F. It provides step-by-step procedures to harden routers and other network devices.
    Explanation
    A security policy is a set of rules and guidelines that outline how an organization will protect its assets and information. It serves as a basis for legal action by clearly defining what actions are considered violations and can be used as evidence in court if necessary. It also defines a process for managing security violations, establishing protocols for reporting, investigating, and responding to incidents. Additionally, a security policy provides step-by-step procedures to harden routers and other network devices, ensuring that they are configured securely and protected against potential threats.

    Rate this question:

  • 8. 

    A network administrator has changed the VLAN configurations on his network switches over the past weekend. How can the administrator determine if the additions and changes improved performance and availability on the company intranet?

    • A.

      Conduct a performance test and compare with the baseline that was established previously.

    • B.

      Interview departmental secretaries and determine if they think load time for web pages has improved.

    • C.

      Determine performance on the intranet by monitoring load times of company web pages from remote sites.

    • D.

      Compare the hit counts on the company web server for the current week to the values that were recorded in previous weeks.

    Correct Answer
    A. Conduct a performance test and compare with the baseline that was established previously.
    Explanation
    The best way for the network administrator to determine if the additions and changes improved performance and availability on the company intranet is to conduct a performance test and compare it with the baseline that was established previously. By conducting a performance test, the administrator can measure various metrics such as network speed, response time, and overall performance. By comparing these results with the baseline, the administrator can identify any improvements or issues that may have occurred due to the VLAN configurations changes. This method provides objective and quantitative data to assess the impact of the changes on performance and availability.

    Rate this question:

  • 9. 

    Refer to the exhibit. Headquarters is connected through the Internet to branch office A and branch office B. Which WAN technology would be best suited to provide secure connectivity between headquarters and both branch offices?

    • A.

      ATM

    • B.

      VPN

    • C.

      ISDN

    • D.

      Frame Relay

    • E.

      Broadband DSL

    Correct Answer
    B. VPN
    Explanation
    A VPN (Virtual Private Network) would be the best WAN technology to provide secure connectivity between headquarters and both branch offices. VPNs use encryption and authentication protocols to create a secure and private network connection over the Internet. This allows for secure communication and data transfer between the different locations, ensuring the confidentiality and integrity of the transmitted information.

    Rate this question:

  • 10. 

    Which statement about a VPN is true?

    • A.

      VPN link establishment and maintenance is provided by LCP.

    • B.

      DLCI addresses are used to identify each end of the VPN tunnel.

    • C.

      VPNs use virtual Layer 3 connections that are routed through the Internet.

    • D.

      Only IP packets can be encapsulated by a VPN for tunneling through the Internet

    Correct Answer
    C. VPNs use virtual Layer 3 connections that are routed through the Internet.
    Explanation
    VPNs use virtual Layer 3 connections that are routed through the Internet. This statement is true because VPNs create a secure connection over a public network, such as the Internet, using virtual Layer 3 connections. These connections allow for the encapsulation and encryption of data packets, ensuring privacy and security while transmitting data over the network. By routing the connections through the Internet, VPNs provide a cost-effective and flexible solution for remote access and secure communication between networks.

    Rate this question:

  • 11. 

    A company is deciding which WAN connection type it should implement between its main office and branch offices. The company wants to use a cost-effective service that provides virtual circuits between each office. The company also wants to be able to transmit variable-length packets on these circuits. Which solution best meets these requirements?

    • A.

      ATM

    • B.

      HDLC

    • C.

      ISDN

    • D.

      Frame Relay

    Correct Answer
    D. Frame Relay
    Explanation
    Frame Relay is the best solution to meet the company's requirements. Frame Relay is a cost-effective WAN connection type that provides virtual circuits between each office. It allows for the transmission of variable-length packets, making it suitable for transmitting data of different sizes. ATM, HDLC, and ISDN are not as suitable because they may not provide the same cost-effectiveness or support for variable-length packets.

    Rate this question:

  • 12. 

    A technician is talking to a colleague at a rival company and comparing DSL transfer rates between the two companies. Both companies are in the same city, use the same service provider, and have the same rate/service plan. What is the explanation for why company 1 reports higher download speeds than company 2 reports?

    • A.

      Company 1 only uses microfilters at branch locations.

    • B.

      Company 1 has a lower volume of POTS traffic than company 2 has.

    • C.

      Company 2 is located farther from the service provider than company 1 is.

    • D.

      Company 2 shares the connection to the DSLAM with more clients than company 1 shares with.

    Correct Answer
    C. Company 2 is located farther from the service provider than company 1 is.
    Explanation
    The explanation for why company 1 reports higher download speeds than company 2 reports is that company 2 is located farther from the service provider than company 1 is. The distance between a company's location and the service provider can affect the quality and speed of the DSL connection. The farther the distance, the more likely it is for the signal to weaken and result in slower download speeds. Therefore, company 2, being located farther away, experiences slower download speeds compared to company 1.

    Rate this question:

  • 13. 

    Refer to the exhibit. What is placed in the address field in the header of a frame that will travel from the DC router to the Orlando router?

    • A.

      DLCI 123

    • B.

      DLCI 321

    • C.

      10.10.10.25

    • D.

      10.10.10.26

    • E.

      MAC address of the Orlando router

    Correct Answer
    B. DLCI 321
    Explanation
    The address field in the header of a frame that will travel from the DC router to the Orlando router is DLCI 321.

    Rate this question:

  • 14. 

    Refer to the exhibit. This router is being configured to use SDM, but the SDM interface of the router cannot be accessed. What is the cause of the problem?

    • A.

      The VTY lines are not configured correctly

    • B.

      The HTTP timeout policy is not configured correctly

    • C.

      The authentication method is not configured correctly

    • D.

      The username and password are not configured correctly

    Correct Answer
    D. The username and password are not configured correctly
    Explanation
    The cause of the problem is that the username and password are not configured correctly. This means that the router is not able to authenticate the user trying to access the SDM interface, hence preventing access to it.

    Rate this question:

  • 15. 

    Which two devices can be used by teleworkers who need to connect to the company network across the PSTN for a few hours a day? (Choose two.)

    • A.

      Router

    • B.

      CSU/DSU

    • C.

      DSL modem

    • D.

      Cable modem

    • E.

      Access server

    • F.

      Dialup modem

    Correct Answer(s)
    B. CSU/DSU
    C. DSL modem
    Explanation
    Teleworkers who need to connect to the company network across the PSTN for a few hours a day can use a CSU/DSU and a DSL modem. A CSU/DSU (Channel Service Unit/Data Service Unit) is a device used to connect a router to a digital circuit, such as a T1 line, while a DSL modem allows for high-speed internet access over a telephone line. Both devices are capable of connecting to the PSTN (Public Switched Telephone Network) and can be used by teleworkers for their connectivity needs.

    Rate this question:

  • 16. 

    An administrator is configuring a dual stack router with IPv6 and IPv4 using RIPng. The administrator receives an error message when trying to enter the IPv4 routes into RIPng. What is the cause of the problem?

    • A.

      When IPv4 and IPv6 are configured on the same interface, all IPv4 addresses are over-written in favor of the newer technology.

    • B.

      Incorrect IPv4 addresses are entered on the router interfaces

    • C.

      RIPng is incompatible with dual-stack technology

    • D.

      IPv4 is incompatible with RIPng

    Correct Answer
    D. IPv4 is incompatible with RIPng
  • 17. 

    What is the function of an intrusion detection system on a network?

    • A.

      To restrict access to only authorized users

    • B.

      To detect attacks against a network and send logs to a management console

    • C.

      To prevents attack against the network and provide active defense mechanisms

    • D.

      To detect and prevent most viruses and many Trojan horse applications from spreading in the network

    Correct Answer
    B. To detect attacks against a network and send logs to a management console
    Explanation
    An intrusion detection system (IDS) is designed to detect attacks against a network and send logs to a management console. It does not restrict access to authorized users, prevent attacks, or prevent the spread of viruses or Trojan horse applications. The primary function of an IDS is to monitor network traffic and identify any suspicious or malicious activity that could indicate an intrusion. Once detected, the IDS sends logs or alerts to a management console, allowing administrators to take appropriate action to mitigate the attack and enhance network security.

    Rate this question:

  • 18. 

    Refer to the exhibit. All devices are configured as shown in the exhibit. PC1 is unable to ping the default gateway. What is the cause of the problem?

    • A.

      The default gateway is in the wrong subnet

    • B.

      STP has blocked the port that PC1 is connected to

    • C.

      Port Fa0/2 on S2 is assigned to the wrong VLAN.

    • D.

      S2 has the wrong IP address assigned to the VLAN30 interface

    Correct Answer
    C. Port Fa0/2 on S2 is assigned to the wrong VLAN.
    Explanation
    The cause of the problem is that Port Fa0/2 on S2 is assigned to the wrong VLAN. This means that PC1 is not in the correct VLAN and therefore cannot communicate with the default gateway.

    Rate this question:

  • 19. 

    When Frame Relay encapsulation is used, what feature provides flow control and exchanges information about the status of virtual circuits?

    • A.

      LCP

    • B.

      LMI

    • C.

      DLCI

    • D.

      Inverse ARP

    Correct Answer
    B. LMI
    Explanation
    LMI stands for Local Management Interface, which is a feature in Frame Relay that provides flow control and exchanges information about the status of virtual circuits. LMI messages are used between the Frame Relay switch and the customer's router to manage the connection. It helps in monitoring the status of virtual circuits, detecting failures, and providing flow control mechanisms to ensure efficient data transmission. Therefore, LMI is the correct answer to the question.

    Rate this question:

  • 20. 

    A system administrator must provide Internet connectivity for ten hosts in a small remote office. The ISP has assigned two public IP addresses to this remote office. How can the system administrator configure the router to provide Internet access to all ten users at the same time?

    • A.

      Configure DHCP and static NAT

    • B.

      Configure dynamic NAT for ten users.

    • C.

      Configure static NAT for all ten users

    • D.

      Configure dynamic NAT with overload

    Correct Answer
    D. Configure dynamic NAT with overload
    Explanation
    The system administrator can configure dynamic NAT with overload to provide Internet access to all ten users at the same time. Dynamic NAT allows the router to map multiple private IP addresses to a single public IP address, which conserves public IP addresses. With overload (also known as Port Address Translation or PAT), the router can use different port numbers to uniquely identify each connection, allowing multiple users to share the same public IP address. This ensures that all ten users can access the Internet simultaneously using the two assigned public IP addresses.

    Rate this question:

  • 21. 

    A company is looking for a WAN solution to connect its headquarters site to four remote sites. What are two advantages that dedicated leased lines provide compared to a shared Frame Relay solution? (Choose two.)

    • A.

      Reduced jitter

    • B.

      Reduced costs

    • C.

      Reduced latency

    • D.

      The ability to burst above guaranteed bandwidth

    • E.

      The ability to borrow unused bandwidth from the leased lines of other customers

    Correct Answer(s)
    A. Reduced jitter
    C. Reduced latency
    Explanation
    Dedicated leased lines provide reduced jitter and reduced latency compared to a shared Frame Relay solution. This is because dedicated leased lines offer a dedicated connection between the headquarters site and the remote sites, ensuring a consistent and stable network performance. In contrast, a shared Frame Relay solution may experience variable delays and fluctuations in network performance due to the shared nature of the connection. Therefore, dedicated leased lines are preferred when low latency and minimal jitter are crucial for the company's network requirements.

    Rate this question:

  • 22. 

    What will be the result of adding the command ip dhcp excluded-address 192.168.24.1 192.168.24.5 to the configuration of a local router that has been configured as a DHCP server?

    • A.

      Traffic that is destined for 192.168.24.1 and 192.168.24.5 will be dropped by the router.

    • B.

      Traffic will not be routed from clients with addresses between 192.168.24.1 and 192.168.24.5.

    • C.

      The DHCP server will not issue the addresses ranging from 192.168.24.1 to 192.168.24.5.

    • D.

      The router will ignore all traffic that comes from the DHCP servers with addresses 192.168.24.1 and 192.168.24.5.

    Correct Answer
    C. The DHCP server will not issue the addresses ranging from 192.168.24.1 to 192.168.24.5.
    Explanation
    The command "ip dhcp excluded-address" is used to exclude certain IP addresses from being assigned by the DHCP server. In this case, the command "ip dhcp excluded-address 192.168.24.1 192.168.24.5" is added to the configuration of the local router. This means that the DHCP server will not assign the IP addresses ranging from 192.168.24.1 to 192.168.24.5 to any clients.

    Rate this question:

  • 23. 

    Refer to the exhibit. A host connected to Fa0/0 is unable to acquire an IP address from the DHCP server. The output of the debug ip dhcp server command shows “DHCPD: there is no address pool for 192.168.3.17″. What is the problem?

    • A.

      The address 192.168.3.17 address is already in use by Fa0/0.

    • B.

      The pool of addresses for the 192Network pool is configured incorrectly

    • C.

      The ip helper-address command should be used on the Fa0/0 interface

    • D.

      The 192.168.3.17 address has not been excluded from the 192Network pool

    Correct Answer
    B. The pool of addresses for the 192Network pool is configured incorrectly
    Explanation
    The problem is that the pool of addresses for the 192Network pool is configured incorrectly. This means that the DHCP server does not have a valid range of IP addresses to assign to clients. As a result, when the host connected to Fa0/0 requests an IP address, the DHCP server cannot provide one because the address pool is misconfigured.

    Rate this question:

  • 24. 

    Refer to the exhibit. From the output of the show interfaces and ping commands, at which layer of the OSI model is a fault indicated?

    • A.

      Application

    • B.

      Transport

    • C.

      Network

    • D.

      Data link

    • E.

      Physical

    Correct Answer
    C. Network
    Explanation
    Based on the output of the show interfaces and ping commands, a fault is indicated at the network layer of the OSI model. This can be inferred from the fact that the ping command is able to reach the destination IP address successfully, indicating that the transport and network layers are functioning properly. However, the show interfaces command shows that there is a high number of input errors on the interface, suggesting a problem at the network layer.

    Rate this question:

  • 25. 

    What three questions can be answered using data gathered from a baseline on a new network? (Choose three.)

    • A.

      Are areas of the network experiencing high error rates?

    • B.

      Will the disaster recovery procedures work correctly?

    • C.

      What parts of the network have the highest volume?

    • D.

      Does the organization require more network technicians?

    • E.

      How does the network perform during peak periods?

    • F.

      Are there any devices working at top capacity?

    • G.

      What networks are the most susceptible to security attacks?

    Correct Answer(s)
    C. What parts of the network have the highest volume?
    E. How does the network perform during peak periods?
    F. Are there any devices working at top capacity?
    Explanation
    Data gathered from a baseline on a new network can answer the question of what parts of the network have the highest volume. This data can also provide insights into how the network performs during peak periods, allowing for optimization and improvements. Additionally, it can identify any devices that are working at top capacity, indicating potential bottlenecks or areas that require attention.

    Rate this question:

  • 26. 

    Which type of ACL will permit traffic inbound into a private network only if an outbound session has already been established between the source and destination?

    • A.

      Extended

    • B.

      Reflexive

    • C.

      Standard

    • D.

      Time-based

    Correct Answer
    B. Reflexive
    Explanation
    A reflexive ACL is the correct answer because it allows inbound traffic into a private network only if an outbound session has already been established between the source and destination. This type of ACL is also known as a stateful firewall because it keeps track of the state of connections and only permits traffic that is part of an established session. By doing so, it helps to enhance the security of the network by preventing unauthorized access.

    Rate this question:

  • 27. 

    Refer to the exhibit. R1 is performing NAT overload for the 10.1.1.0/24 inside network. Host A has sent a packet to Web Server. What is the destination IP address of the return packet from Web Server when received at R1?

    • A.

      10.1.1.2:80

    • B.

      10.1.1.2:1234

    • C.

      172.30.20.1:1234

    • D.

      172.30.20.1:3333

    Correct Answer
    D. 172.30.20.1:3333
    Explanation
    When R1 performs NAT overload for the 10.1.1.0/24 inside network, it replaces the source IP address and port number of outgoing packets with its own IP address and a unique port number. Therefore, when the Web Server sends a return packet to Host A, the destination IP address will be 172.30.20.1 (R1's IP address) and the destination port number will be 3333 (the unique port number assigned by R1).

    Rate this question:

  • 28. 

    An administrator issues the command show interfaces s0/1/0 on a router that is configured for Frame Relay. Which console output may indicate an LMI mismatch?

    • A.

      Serial0/1/0 is administratively down

    • B.

      Serial0/1/0 is up, line protocol is up

    • C.

      Serial0/1/0 is up, line protocol is down

    • D.

      Serial0/1/0 is down, line protocol is down

    Correct Answer(s)
    C. Serial0/1/0 is up, line protocol is down
    D. Serial0/1/0 is down, line protocol is down
    Explanation
    The console output "Serial0/1/0 is up, line protocol is down" and "Serial0/1/0 is down, line protocol is down" may indicate an LMI mismatch. This is because in Frame Relay, the LMI (Local Management Interface) is responsible for exchanging information between the router and the Frame Relay switch. If there is a mismatch in the LMI type or configuration between the router and the switch, the line protocol will be down even though the physical interface is up. Therefore, the presence of "line protocol is down" in the console output suggests an LMI mismatch.

    Rate this question:

  • 29. 

    A recently patched application server is experiencing response time problems. The network on which the application server is located has been experiencing occasional outages that the network team believes may be related to recent routing changes. Network and application teams have been notified to work on their respective issues. Which statement applies to this situation?

    • A.

      Only results from the software package should be tested as the network is designed to accommodate the proposed software platform.

    • B.

      Scheduling will be easy if the network and software teams work independently.

    • C.

      It will be difficult to isolate the problem if two teams are implementing changes independently.

    • D.

      Results from changes will be easier to reconcile and document if each team works in isolation.

    Correct Answer
    C. It will be difficult to isolate the problem if two teams are implementing changes independently.
    Explanation
    It will be difficult to isolate the problem if two teams are implementing changes independently because both the network and application teams are making changes without coordinating with each other. This lack of coordination can make it challenging to identify the root cause of the response time problems, as the changes made by one team may affect the performance of the other team's components. By working independently, the teams may inadvertently introduce conflicts or dependencies that make it harder to troubleshoot and resolve the issue effectively.

    Rate this question:

  • 30. 

    Refer to the exhibit. Branch A has a non-Cisco router that is using IETF encapsulation and Branch B has a Cisco router. After the commands that are shown are entered, R1 and R2 fail to establish the PVC. The R2 LMI is Cisco, and the R1 LMI is ANSI. The LMI is successfully established at both locations. Why is the PVC failing?

    • A.

      The PVC to R1 must be point-to-point

    • B.

      LMI types must match on each end of a PVC

    • C.

      The frame relay PVCs cannot be established between Cisco and non-Cisco routers.

    • D.

      The IETF parameter is missing from the frame-relay map ip 10.10.10.1 201 command.

    Correct Answer
    D. The IETF parameter is missing from the frame-relay map ip 10.10.10.1 201 command.
    Explanation
    The PVC is failing because the IETF parameter is missing from the frame-relay map ip 10.10.10.1 201 command. This parameter is necessary for the non-Cisco router at Branch A to understand the encapsulation used by the Cisco router at Branch B. Without the IETF parameter, the routers are unable to establish the PVC successfully.

    Rate this question:

  • 31. 

    Refer to the exhibit. Which VLAN will carry untagged traffic on FastEthernet 0/1?

    • A.

      VLAN 1

    • B.

      VLAN 2

    • C.

      VLAN 11

    • D.

      VLAN 12

    • E.

      VLAN 30

    • F.

      VLAN 999

    Correct Answer
    B. VLAN 2
    Explanation
    The untagged traffic on FastEthernet 0/1 will be carried by VLAN 2.

    Rate this question:

  • 32. 

    What is an accurate description of CHAP when used with PPP on a serial connection between two routers?

    • A.

      A username and password are sent to the peer router, which replies with an accept or reject message.

    • B.

      A username and password are sent to the peer router. If these match the configuration in the peer, the peer in turn provides a username and password to the initiating router.

    • C.

      A challenge message is sent to the peer router, which responds with its username and a calculated value based on a shared secret. This value is then compared by the challenger to its own calculations.

    • D.

      An encrypted password is sent to the peer router, which decrypts it and compares it to a shared secret. If the decrypted passwords match, the peer sends the encrypted password back to the initiating router.

    Correct Answer
    C. A challenge message is sent to the peer router, which responds with its username and a calculated value based on a shared secret. This value is then compared by the challenger to its own calculations.
    Explanation
    CHAP (Challenge Handshake Authentication Protocol) is a protocol used in PPP (Point-to-Point Protocol) to authenticate the identity of the peer router. In this process, a challenge message is sent from the initiating router to the peer router. The peer router responds with its username and a calculated value based on a shared secret. The initiating router then compares this calculated value with its own calculations to verify the authenticity of the peer router. This method ensures secure authentication by using a shared secret and verifying the response from the peer router.

    Rate this question:

  • 33. 

    Where does a service provider assume responsibility from a customer for a WAN connection?

    • A.

      Local loop

    • B.

      DTE cable on router

    • C.

      Demarcation point

    • D.

      Demilitarized zone

    Correct Answer
    C. Demarcation point
    Explanation
    The correct answer is demarcation point. The demarcation point is the physical point at which the responsibility for a WAN connection shifts from the customer to the service provider. It is typically located at the customer's premises and marks the boundary between the customer's network and the service provider's network. At this point, any issues or maintenance related to the WAN connection become the responsibility of the service provider.

    Rate this question:

  • 34. 

    Refer to the exhibit. An ACL called Managers already exists on this router. What happens if the network administrator issues the commands as shown in the exhibit?

    • A.

      The commands are added to the end of the existing ACL.

    • B.

      The existing Managers ACL will be overwritten by the new ACL.

    • C.

      The router will output an error message and no changes will be made.

    • D.

      A duplicate Managers ACL will be created that will contain only the new commands.

    Correct Answer
    A. The commands are added to the end of the existing ACL.
    Explanation
    The given answer states that the commands will be added to the end of the existing ACL. This means that the new commands will be appended to the existing Managers ACL without overwriting or creating a duplicate ACL.

    Rate this question:

  • 35. 

    Which statement is true about PAP in the authentication of a PPP session?

    • A.

      PAP uses a two-way handshake.

    • B.

      The password is unique and random.

    • C.

      PAP conducts periodic password challenges.

    • D.

      PAP uses MD5 hashing to keep the password secure.

    Correct Answer
    A. PAP uses a two-way handshake.
    Explanation
    PAP (Password Authentication Protocol) is a simple authentication method used in PPP (Point-to-Point Protocol) sessions. It involves a two-way handshake process where the client sends its username and password to the server, and the server responds with an acknowledgment. This process verifies the client's identity based on the provided credentials. PAP does not use unique and random passwords, conduct periodic challenges, or use MD5 hashing to secure the password.

    Rate this question:

  • 36. 

    Which combination of Layer 2 protocol and authentication should be used to establish a link without sending authentication information in plain text between a Cisco and a non-Cisco router?

    • A.

      PPP with PAP

    • B.

      PPP with CHAP

    • C.

      HDLC with PAP

    • D.

      HDLC with CHAP

    Correct Answer
    B. PPP with CHAP
    Explanation
    PPP with CHAP should be used to establish a link without sending authentication information in plain text between a Cisco and a non-Cisco router. PPP (Point-to-Point Protocol) provides a secure and reliable connection between two devices, and CHAP (Challenge Handshake Authentication Protocol) is a secure authentication method that uses a three-way handshake process to authenticate the devices without sending passwords in plain text. This combination ensures that the authentication information is encrypted and protected during transmission, making it an ideal choice for establishing a secure link between Cisco and non-Cisco routers.

    Rate this question:

  • 37. 

    Which option correctly defines the capacity through the local loop guaranteed to a customer by the service provider?

    • A.

      BE

    • B.

      DE

    • C.

      CIR

    • D.

      CBIR

    Correct Answer
    C. CIR
    Explanation
    CIR stands for Committed Information Rate, which is the capacity through the local loop guaranteed to a customer by the service provider. This means that the service provider ensures a minimum amount of bandwidth or data transfer rate that the customer will always receive, regardless of network congestion or other factors.

    Rate this question:

  • 38. 

    Which wireless solution can provide mobile users with non line-of-sight broadband Internet access at speeds comparable to DSL or cable?

    • A.

      Wi-Fi

    • B.

      WiMAX

    • C.

      Satellite

    • D.

      Metro Ethernet

    Correct Answer
    B. WiMAX
    Explanation
    WiMAX is the correct answer because it is a wireless solution that can provide mobile users with non line-of-sight broadband Internet access at speeds comparable to DSL or cable. WiMAX stands for Worldwide Interoperability for Microwave Access and it uses radio waves to transmit data over long distances. It is capable of delivering high-speed internet access to users in areas where traditional wired connections are not available or feasible. WiMAX technology offers fast and reliable connectivity, making it a suitable option for mobile users who require broadband internet access on the go.

    Rate this question:

  • 39. 

    Refer to the exhibit. EIGRP has been configured as a routing protocol on the network. Users on the 192.168.1.0/24 network should have full access to the web server that is connected to 192.168.3.0/24 but should not be allowed to telnet to router R3. Verifying the configuration, the network administrator realizes that users on network 192.168.1.0/24 can successfully telnet to the router. What should be done to remedy the problem?

    • A.

      The ACL 101 statements 10 and 20 should be reversed.

    • B.

      The ACL 101 should be applied on R3 VTY lines 0 4 in the inbound direction.

    • C.

      The ACL 101 should be applied on R3 VTY lines 0 4 in the outbound direction.

    • D.

      The ACL 101 should be applied on R3 Serial0/0/1 interface in the outbound direction.

    • E.

      The ACL 101 statement 10 should be changed to: permit ip 192.168.1.0 0.0.0.255 any

    Correct Answer
    A. The ACL 101 statements 10 and 20 should be reversed.
    Explanation
    The ACL 101 statements 10 and 20 should be reversed. This means that the current statement 10, which allows all traffic from the 192.168.1.0/24 network, should be changed to statement 20, and the current statement 20, which denies telnet traffic to router R3, should be changed to statement 10. By reversing these statements, the ACL will correctly allow access to the web server on the 192.168.3.0/24 network while denying telnet access to router R3 from the 192.168.1.0/24 network.

    Rate this question:

  • 40. 

    What does an access control list determine when used with NAT on a Cisco router?

    • A.

      Addresses that are to be translated

    • B.

      Addresses that are assigned to a NAT pool

    • C.

      Addresses that are allowed out of the router

    • D.

      Addresses that are accessible from the inside network

    Correct Answer
    A. Addresses that are to be translated
    Explanation
    An access control list (ACL) determines the addresses that are to be translated when used with NAT on a Cisco router. This means that the ACL specifies which IP addresses will undergo the process of address translation, allowing them to be converted from private IP addresses to public IP addresses or vice versa. The ACL helps control and manage the translation process, ensuring that only specific addresses are affected by NAT.

    Rate this question:

  • 41. 

    Which IP address and wildcard mask combination can be used in an ACL statement to match the 172.16.0.0/30 network?

    • A.

      172.16.0.0 0.0.0.1

    • B.

      172.16.0.0 0.0.0.3

    • C.

      172.16.0.0 0.0.0.7

    • D.

      172.16.0.0 255.255.255.252

    Correct Answer
    B. 172.16.0.0 0.0.0.3
    Explanation
    The correct answer is 172.16.0.0 0.0.0.3. This is because a wildcard mask of 0.0.0.3 will match the last two bits of the IP address, allowing for a network range of 172.16.0.0 to 172.16.0.3. Since the given network is 172.16.0.0/30, which has a subnet mask of 255.255.255.252, the corresponding wildcard mask is 0.0.0.3.

    Rate this question:

  • 42. 

    Which security solution has the responsibility of monitoring suspicious processes that are running on a host and that might indicate infection of Trojan horse applications?

    • A.

      Antivirus application

    • B.

      Operating system patches

    • C.

      Intrusion prevention system

    • D.

      Cisco Adaptive Security Appliance

    Correct Answer
    A. Antivirus application
    Explanation
    An antivirus application is responsible for monitoring suspicious processes running on a host and identifying potential Trojan horse infections. It scans files and processes for known malware signatures, behavior patterns, and anomalies to detect and remove any malicious software. By regularly scanning the system and monitoring for suspicious activities, the antivirus application helps to protect the host from Trojan horse infections and other types of malware.

    Rate this question:

  • 43. 

    Refer to the exhibit. A network administrator is trying to connect R1 remotely to make configuration changes. Based on the exhibited command output, what will be the result when attempting to connect to R1?

    • A.

      Failure to connect due to Telnet not being enabled

    • B.

      Failure to connect due to incomplete configuration for Telnet

    • C.

      A successful connection and ability to make configuration changes

    • D.

      A successful connection but inability to make configuration changes because of the absence of an enable secret password

    Correct Answer
    C. A successful connection and ability to make configuration changes
    Explanation
    Based on the exhibited command output, the Telnet line vty 0 4 command is present, which indicates that Telnet is enabled on the device. Therefore, the network administrator will be able to connect to R1 remotely and make configuration changes.

    Rate this question:

  • 44. 

    Refer to the exhibit. Results of the show vlan and show vtp status commands for switches S1 and S2 are displayed in the exhibit. VLAN 11 was created on S1. Why is VLAN 11 missing from S2?

    • A.

      There is a Layer 2 loop.

    • B.

      The VTP domain names do not match.

    • C.

      Only one switch can be in server mode.

    • D.

      S2 has a higher spanning-tree priority for VLAN 11 than S1 does.

    Correct Answer
    B. The VTP domain names do not match.
    Explanation
    The VTP domain names do not match. VTP (VLAN Trunking Protocol) allows for the synchronization of VLAN information across switches in a domain. In this case, S1 and S2 are in different VTP domains, which means that any VLANs created on one switch will not be propagated to the other switch. Therefore, VLAN 11, which was created on S1, is missing from S2.

    Rate this question:

  • 45. 

    A technician has been asked to run the Cisco SDM one-step lockdown on a customer router. What will be the result of this process?

    • A.

      Traffic is only accepted from and forwarded to SDM-trusted Cisco routers.

    • B.

      Security testing is performed and the results are saved as a text file stored in NVRAM.

    • C.

      All traffic that enters the router is quarantined and checked for viruses before being forwarded.

    • D.

      The router is tested for any potential security problems and all recommended security-related configuration changes will be automatically applied.

    Correct Answer
    D. The router is tested for any potential security problems and all recommended security-related configuration changes will be automatically applied.
    Explanation
    The Cisco SDM one-step lockdown process involves testing the router for potential security problems and automatically applying recommended security-related configuration changes. This helps to enhance the overall security of the router by addressing any vulnerabilities and implementing necessary security measures.

    Rate this question:

  • 46. 

    Refer to the exhibit. Which data transmission technology is being represented?

    • A.

      TDM

    • B.

      PPP

    • C.

      HDLC

    • D.

      SLIP

    Correct Answer
    A. TDM
  • 47. 

    A network administrator is instructing a technician on best practices for applying ACLs. Which two suggestions should the administrator provide? (Choose two.)

    • A.

      Named ACLs are less efficient than numbered ACLs.

    • B.

      Standard ACLs should be applied inside the core layer.

    • C.

      Place standard ACLs as close to the destination as possible.

    • D.

      ACLs applied to outbound interfaces require fewer router resources.

    • E.

      Extended ACLs should be applied closest to the source that is specified by the ACL.

    Correct Answer(s)
    B. Standard ACLs should be applied inside the core layer.
    E. Extended ACLs should be applied closest to the source that is specified by the ACL.
    Explanation
    Standard ACLs should be applied inside the core layer because they are less resource-intensive and can be applied closer to the destination to filter traffic more effectively. Extended ACLs should be applied closest to the source specified by the ACL because they provide more granular control over traffic and can filter based on source and destination IP addresses, protocols, and port numbers.

    Rate this question:

  • 48. 

    Refer to the exhibit. Which configuration command would result in the output in the exhibit?

    • A.

      Ip nat inside source static 10.1.200.254 172.16.76.3

    • B.

      Ip nat inside source static 192.168.0.10 10.1.200.254

    • C.

      Ip nat inside source static 10.1.200.254 192.168.0.10

    • D.

      Ip nat inside source static 172.16.76.3 10.1.200.254

    • E.

      Ip nat inside source static 172.16.76.3 192.168.0.10

    • F.

      Ip nat inside source static 192.168.0.10 172.16.76.3

    Correct Answer
    F. Ip nat inside source static 192.168.0.10 172.16.76.3
  • 49. 

    What are three important reasons to establish a network baseline? (Choose three.)

    • A.

      To determine the time it takes for the network to self recover from a failure

    • B.

      To determine which areas in the network are underutilized or overutilized

    • C.

      To determine the performance of the network during the normal hours of operation

    • D.

      To determine what thresholds should be set for the devices that need to be monitored

    • E.

      To determine the areas in the network which should not be included in the monitoring process

    • F.

      To determine the number of users whose access to network resources should be restricted

    Correct Answer(s)
    B. To determine which areas in the network are underutilized or overutilized
    C. To determine the performance of the network during the normal hours of operation
    D. To determine what thresholds should be set for the devices that need to be monitored
    Explanation
    Establishing a network baseline is important for several reasons. Firstly, it helps determine which areas in the network are underutilized or overutilized, allowing for better resource allocation and optimization. Secondly, it allows for the evaluation of network performance during normal hours of operation, identifying any bottlenecks or issues that may affect user experience. Lastly, establishing a baseline helps determine the appropriate thresholds that should be set for devices that need to be monitored, ensuring efficient monitoring and management of the network.

    Rate this question:

  • 50. 

    Which two statements are true about creating and applying access lists? (Choose two.)

    • A.

      There is an implicit deny at the end of all access lists.

    • B.

      One access list per port, per protocol, per direction is permitted.

    • C.

      Access list entries should filter in the order from general to specific.

    • D.

      The term “inbound” refers to traffic that enters the network from the router interface where the ACL is applied.

    • E.

      Standard ACLs should be applied closest to the source while extended ACLs should be applied closest to the destination.

    Correct Answer(s)
    A. There is an implicit deny at the end of all access lists.
    B. One access list per port, per protocol, per direction is permitted.
    Explanation
    The first statement is true because there is always an implicit deny at the end of all access lists. This means that if a packet does not match any of the conditions in the access list, it will be denied by default.

    The second statement is also true because only one access list per port, per protocol, per direction is permitted. This means that you cannot have multiple access lists for the same port, protocol, and direction.

    These two statements are true in the context of creating and applying access lists.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 20, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • May 26, 2012
    Quiz Created by
    Mister_kupido09
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.